Check Point SandBlast TE250X Appliance Firewall

Check Point SandBlast TE250X Appliance Firewall

Features:

Deployment Options

Emulate threats in one of two deployment options: 1. Private cloud: Check Point security gateways send files to a SandBlast appliance for emulation 2. Inline: This is a stand-alone option that deploys a SandBlast Appliance inline or on a SPAN port, utilizing Threat Emulation, Threat Extraction, Anti-Virus and Anti-Bot software blades to secure the traffic.

Comprehensive Threat Protection

SandBlast Appliances protect you from both known and unknown threats with Antivirus, Anti-Bot, Threat Emulation (sandboxing), and Threat Extraction technologies.

Sandblast Zero-day Protection

The SandBlast Threat Emulation technology employs the fastest and most accurate sandboxing engine available to pre-screen files, protecting your organization from attackers before they enter your network.

Known Threat Detection

The Antivirus Software Blade uses real-time virus signatures from ThreatCloud™ to detect and block known malware at the gateway before users are affected. The Anti-Bot Software Blade detects bot-infected machines, preventing damages by blocking bot Command & Control communications.

Evasion Resistant Detection

Traditional sandbox solutions detect malware behavior at the OS level – after the exploitation has occurred and the hacker code is running. They are therefore susceptible to evasion. SandBlast Threat Emulation capability utilizes a unique CPU-level inspection engine which monitors the instruction flow at the CPU-level to detect exploits attempting to bypass OS security controls, effectively stopping attacks before they have a chance to launch.

Proactive Prevention With Prompt Delivery Of Safe Content

When it comes to threat prevention, there doesn’t have to be a trade-off between speed, coverage and accuracy. Unlike other solutions, Check Point Zero-Day Protection can be deployed in prevent mode, while still maintaining uninterrupted business flow. SandBlast Threat Extraction removes exploitable content, including active content and embedded objects, reconstructs files to eliminate potential threats, and promptly delivers sanitized content to users to maintain business flow. Configure Threat Extraction in one of two ways: Quickly provide a reconstructed document to the user, or await response from SandBlast Threat Emulation before determining whether or not to reconstruct the document.

Inspect Encrypted Communications

Files delivered into the organization over SSL and TLS represent a secure attack vector that bypasses many industry standard implementations. Check Point Threat Prevention looks inside these protected SSL and TLS tunnels to extract and launch files to discover hidden threats.

Threat Emulation Detailed Report

Every file emulation generates a detailed report. Simple to understand, the report includes detailed forensic information about any malicious attempts originated by running this file. The report provides actual screenshots of the simulated environments while running the file.

ThreatCloud Ecosystem

For each new threat discovered by Threat Emulation, a new signature is created and sent to Check Point ThreatCloud, where it is distributed to other Check Point connected gateways. Threat Emulation converts newly identified unknown attacks into known signatures, making it possible to block these threats before they have a chance to become widespread. This constant collaboration makes the ThreatCloud ecosystem the most advanced and up-to-date threat network available.